Monthly Archives: June 2008

Post navigation

Managing risks in project is imperative for its success. We need to have a process (or processes) in place for risk management to be effective. Here are the five steps project manager can use for risk management:

4. Monitor & Implement the Action – Track the risks throughout the project. If risks occur then implement the risk strategy based on action plan. Ex. If mitigation strategy is selected, execute the contingency plan based on risk triggers. In case contingency plan fails, execute fallback plan.

5. Measure the effectiveness & Control the risk impact– Measure the effectiveness of the planned action and controlling the risk impact by understanding risk triggers & timely implementation of planned actions.

Risk management processes are cyclic which starts from identification of a risk and it may result in identification of another new risk.

Usually, each individual have different opinions & ways to deal with risks. Some go for avoidance. Others go with risk taking. So, while working for a project, the approach to risk should be consistent to meet project objectives & this need to be documented in a risk management plan. Communication of risk and its approach to be done to risk team member/risk owners/stakeholders.

Here is the links for all the PMBOK Risk Management processes in Mind Map structure:-

We can divide risks into following three broad category based on their identification & response planning:

1. Known – Responded (with avoidance, mitigation, transference)

2. Known – Not responded (or accepted)

3. Unknown (here also default strategy is acceptance)

Eliminating maximum number of risks is the main objective. But not all can be eliminated or responses would be too costly or time consuming and hence the risks are accepted.

In case of transference – project cost need to include the insurance amount

In case of mitigation – project cost and schedule need to consider the extra effort to execute contingency plan and subsequent fallback plan in case of contingency failure.

So even implementing planned responses increases cost and schedule of the project to execute the activities. These are not extra. They are inherent to the project based on the risk responses and it should not omitted during planning phase. These added cost and schedule due to risks are called ‘Reserve‘.

There are two types of reserves.

Contingency reserve is needed to tackle residual risks or “Known – Unknowns”. Risks that are identified but they are accepted.

Management reserve handles the “Unknown” risks. Those risks that are not identified as part of risk management process are “Unknown” risks. We don’t know what the risk is and we don’t have any response plan for them. They falls under ‘accepted’ risks.

Project manager has to take these into consideration in project schedule & budget plans. General representation of the project total budget & total schedule is:

Avoidance:“I want to eradicate the risk by eliminating its cause” strategy. In this either the risk eliminated by different means or by changing the project plan. Hence probability of risk becomes zero which will improve safety to project success. This is the best possible strategy. But it is not possible to follow avoidance all the time. Example for avoidance: House construction during summer instead of rainy season.

Transference:“In case of risk occurrence, third party will bear the impact” strategy. This one is next to avoidance in terms of project safety (esp. financial risks). Here risk is not eliminated but the risk impact is transferred to another one with extra project budget cost. Example: Annual Maintenance Contract, Shop Fire Insurance, Theft Insurance, Natural Disaster Insurance.

Mitigation: “Reduce the probability & impact of risk to accepted level by good planning before hand” strategy. Mitigation is taking calculated risk. We know there could be a risk. We can not avoid it. But we know we can reduce the probability & impact by taking some measures at the start of the project. Hence we added few activities for that in execution phase.

Acceptance:“In case of risk occurrence, nothing to do” strategy. This is the Worst ever strategy & most of the risk books do not call this as strategy at all ! All unidentified risks falls under this response category.

Risk Response for Positive Risks:

Exploitation:“I want to take advantage of an opportunity” strategy. We know there is a sure thing happens with this risk. Plan all actions to get more results of that. In this way we are increasing the impact. For example adding talented resources to reduce project time.

Sharing: “Having partnership in utilizing maximum advantage” strategy. Leaving ownership of the risk to another party who can tap the opportunity for our benefit. Good example on this is outsourcing to specialized groups.

Enhancing: “Getting it done by doing the right things” strategy. Identify few enhancers or drivers for the event, perform that in such a way it increases the probability and/or impact of it.

Acceptance: “In case of risk occurrence, nothing to do” strategy. Though this is a worst negative response strategy, it is a nice one for positive risks. No need to throw stones on the tree, fruit automatically falls on your lap in the windfall!

Risk management is a cyclic process. But for a project, it cannot go on for ever. Right? Project manager, his team & management has to find a stop point on further assessment & responses. Those risks that remain even after developing responses to the project’s primary (or original) risks are called as Residual Risks.

Impact of residual risks are usually actively accepted. The project team has to document & monitor these risks throughout the project as they may occur anytime. Contingency plans & fallback plans are created to handle the situation when these risks occur.

Residual Risks are termed sometime as ‘Known Unknowns’ i..e these are identified risks(‘known’) but their impact is ‘unknown’ and it is accepted.

In our school days, we studied about probability of occurrence of an event like probability of getting 2 when rolling a dice once = 1/6. I hated probability in my college days as lot of derivations and assumptions need to be done. When I studied the same in Project Risk Management, I understood the real application. But it is not too late for me to brush up my school probability one more time.

Unknown risks are those unable to anticipate and describe. Unknown risks cannot be managed proactively. These risks that result from the uniqueness of the work and they are difficult or impossible to anticipate.

For any project, before starting risk management planning process, ‘Unknown’ risks would be high. But through proper Risk Management Planning process, almost all risks can be explored which keeps ‘unknown’ risks to a minimal number.

In ideal situation, 0% ‘Unknown’ risk possible!(?)

Generally, the best method for managing unknown risk involves allocating reserves on the basis of the measured consequences of unanticipated problems on similar past projects.

* What are the environmental factors that influence your project’s success?

* Is those environmental factors are external or internal to your organization?

* Is the factor going to affect the project outcome positively or negatively?

* Is any factor imposing any constraints on the existing project management options?

You may bring a list of factors for the above thought provoking questions. Here we go!

The project manager must consider any or all external environmental factors and internal organizational environmental factors that surround or influence a project’s success. These factors are referred as Enterprise Environmental Factors (EEFs).

These factors may come from any or all of the enterprises involved in the project and it may include lot of things like organizational culture & structure, existing resources, PM softwares, etc. But these must be taken into account for every project process like project charter preparation, project planning, scheduling, costing, resources, etc.

Policies

Project Management

Copyright and Registered Trademarks Information

* Without prior author's permission, don't use articles in blog post as it is.
* You are welcome to give a URL link to blog articles without prior permission but not reproducing the whole article.
* “PMI” is a service and registered trademark of the Project Management Institute, Inc. which is registered in the United States and other nations,
* "PMBOK" is a registered trademark of the Project Management Institute, Inc. which is registered in the United States and other nations www.pmi.org ,
* Situational Leadership® is a registered trademark of the Center for Leadership Studies, Inc. www.situational.com

Blog Stats

2,838,881 hits

Affiliate Disclosure

Some of the links to the product reviewed in this article are affiliate links. If you buy this product after clicking one of the links, it will indirectly contribute toward maintenance of blogs.